Security and the Java API

Accessing a Local Instance of the Secured Engine

If a local Flux engine has been created with security enabled, you can log in to it using the flux.LocalSecurity interfance, which can be created from the flux.Factory class. You log in to the engine by calling LocalSecurity.login(), passing in the reference to the engine and either a security subject or a username/password pair.

Security is viewed on a per-thread basis. If you log in as the user "mary" in one thread, for example, you can't log in as another user "john" without first logging out user "mary".

For an example of accessing a local instance of the secured engine, refer to the /examples/end_users/Security and /examples/software_developers/security directories under the Flux installation directory.

Accessinga  Secured Engine Remotely Using RMI

If you create a secured Flux engine from the command line (see the start-secure-flux-engine script in the Flux installation directory for an example), you don't need to explicitly enable remote acess. This will be performed by Flux automatically upon initialization.

If you create the secured engine using the Flux API, however, you will need to enable remote security to ensure that you can access the engine remotely. To do so, you simply create a flux.RemoteSecurity instance to interact with the engine, as in the following code:

Factory factory = Factory.makeInstance();
Configuration config = fluxFactory.makeConfiguration();
config.setSecurityEnabled(true);
 
//  Set any other configuration options here.
 
Engine engine = factory.makeEngine(config);
 
//  You must call makeRemoteSecurity() to enable remote access
//  to the secured engine.
fluxFactory.makeRemoteSecurity(config, engine);

The Factory.makeRemoteSecurity() method accepts two arguments: the Configuration object that was used to create the engine and the Engine instance that should have remote security enabled.

Once you have enabled remote security on an engine, your client code can look up the engine like so:

//  The registry port, host name, and engine name of the engine to look up.
//  These configuration options are only used for looking up the remote security.
Configuration remoteConfig = fluxFactory.makeConfiguration();
remoteConfig.setRegistryPort(1099);
remoteConfig.setHost("localhost");
remoteConfig.setServerName("Flux");
 
//   Look up the remote security. This method will look up a remote security
//  object that is associated with the engine running at the port, host, and
//  server specified in the "remoteConfig" object.
RemoteSecurity remoteSecurity = fluxFactory.lookupRemoteSecurity(remoteConfig);
 
//  Logging in to the remote security returns a reference to the engine.
Engine engine = remoteSecurity.login("admin""admin");

In this way the remote object provides an RMI frontend for the secured engine, and assurs that only authorizes users can get a reference to the engine.

 
 
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.